Hi Douglas, I actually try to use the LDAP to store the KDC data... I guess that it means more performance and administrative...
Jonathan Córdoba Certified Ethical Hacker (CEH) GIAC Certified Forensics Analyst (GCFA) CompTIA Security+ Certified Professional Ing. Seguridad Universidad de los Andes Dirección de Tecnologías de Información (D.T.I.) Bogotá - Colombia -----Original Message----- From: Douglas E. Engert [mailto:[EMAIL PROTECTED] Sent: Martes, 25 de Septiembre de 2007 08:56 a.m. To: Jonathan Javier Cordoba Gonzalez Cc: [email protected] Subject: Re: Kerberos OpenLDAP Frontend Jonathan Javier Cordoba Gonzalez wrote: > Hi, > > > > Im confuse about the openldap frontend > > > > Anybody have a guide, tutorial or a step-by-step procedure in order to make > the connection, create the initial LDAP DB and how it works?? > > > > I dont understand the sequence when a user wants authenticate You may be confusing the LDAP used by the KDC to store it data, and an LDAP used by something like nss-ldap that stores what would have been found on /etc/passwd or NIS. So kinit and pam_krb5 can do the authentication as they always have, to the KDC, then when kinit or pam_krb5 calls getpwnam this calls the nss-ldap routines via /etc/nsswitch.conf. > > > > Thanks a lot. > > > > Jonathan Córdoba > > Certified Ethical Hacker (CEH) > > GIAC Certified Forensics Analyst (GCFA) > > CompTIA Security+ Certified Professional > > Ing. Seguridad Universidad de los Andes > > Dirección de Tecnologías de Información (D.T.I.) > > Bogotá - Colombia > > > > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos > > -- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
